PEMAC LLC
NIST Risk Management Framework
The Risk Management Framework (RMF) is a set of criteria that dictate how United States government IT systems must be architected, secured, and monitored.
Intelligence Community Standard
This standard provides for the collection and sharing of audit data to support counter-intelligence, information assurance, business analytics, personnel security, and other community audit needs related to IC information resources.
Sarbanes-Oxley
SOX compliance is not just a legal obligation but also a good business practice. The goal of the legislation is to increase transparency in corporate financial reporting and to require a formalized system of checks and balances in each company.
Cybersecurity Maturity Model Certification
The CMMC measures the maturity of an organization’s cybersecurity processes and practices across five levels covering seventeen domains. The domains are broad categories of critical security functions, such as Access Control, Identification and Authentication, and Incident Response, much like the control families from the NIST 800-53 security controls standard.
Acceptable Risk Safeguards
The Centers for Medicare & Medicaid Services (CMS) Acceptable Risk Safeguards (ARS) provides guidance to CMS and its contractors as to the minimum acceptable level of required security controls that must be implemented by CMS and CMS contractors to protect CMS’ information and information systems, including CMS Sensitive Information.
Health Insurance Portability and Accountability Act
Through a series of interlocking regulatory rules, HIPAA compliance is a living culture that health care organizations must build into their business in order to protect the privacy, security, and integrity of protected health information.